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Detailed Action 

1. This action is responsive to communication: amendment filed on 26 May 2005, the 
original application was filed on 7 December 2000. 

2. Claims 28 and 30-47 are currently pending in this application. Claims 28 and 40 are 
independent claims. Claims 1-27 were previously cancelled in amendment dated 27 August 
2004. Claim 29 was cancelled. Claims 28, 30, 40, 44-47 were amended. 

Response to Arguments 
4. Applicant's arguments with respect to claims 28 and 30-47 have been considered but are 
not persuasive. 

In response to arguments starting on pages 8-9, "To establish prima facie obviousness of 
a claimed invention, all the claim limitation must be taught or suggest by the prior art . . . It is 
also well established that if a proposed modification would render the prior art invention being 
modified unsatisfactory for its intended purpose, then there is no suggestion or motivation to 
make the proposed modification . . . Further, the mere fact that references can be combined or 
modified does not render the resultant combination obvious unless the prior art also suggest the 
desirability of the combination". The Office disagrees the motivation to combine the two 
references is as stated in previous Office Action to increase the ability to provide wireless 
coverage see '482 col. 4, lines 1 et seq. In addition c 362 indicates the use of alternative device 
such as a separate computer system, an AAA or RADIUS server. Furthermore '362 indicates the 
details of such devices are known to a persons skilled in the art, these devices would include the 
use of LP AD see '362 col. 7, lines 1-24. 
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In response applicant's argument on page 1 1, "Assuming that references may be 
combined, the combination of XU '362 and Blanco does not teach or disclose the limitation, 
"determining from the home region identifying information whether the home region supports 
Lightweight Directory Access Protocol (DAP) authentication." Blanco describes a system by 
which a remote client is directed to a protocol front end via a network access server ... The 
client-server relationship is a one-to-one relationship". The Office disagrees in the combination 
of '362 and '482 the identifying information is established by RFC 2002 request message as well 
as the LP AD protocol in '482. See '362 col. 7, lines 1-3. The RFC 2002 request message 
contains information identifying the home region. The support for the LP AD protocol is shown 
in the attributes of the request message see '482 col. 4, lines 49-53. Also see articles referenced 
about the RFC 2002 as well as pertaining to the LP AD standard. 

Claim Rejections - 35 JJSC §103 

5. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are 
such that the subject matter as a whole would have been obvious at the time the invention was made to a person 
having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the 
manner in which the invention was made. 

6. Claims 28, 30, 31, 32, 40, 41, and 42 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Xu et al. U.S. Patent No. 6,738,362 (hereinafter c 362) in further view of 
Blanco et al, U.S. Patent No. 6,539,482 (hereinafter '482). 

As to independent claim 28, "A method for dial roaming outside of a home service 
region comprising: dialing into a local dial access provider; creating an access request 
comprising user identifying information and home region identifying information; 
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forwarding the access request from a network access server (NAS) to a corporate remote 
authentication dial-in user service (RADIUS) server" is taught in '362 col. 4, lines 14-25 "In 
another aspect of the invention, a mobile Internet Protocol service provider system provides 
access to a network for a mobile node and enables the mobile node to communicate with a host 
on the network"; 

"proxying the access request to a regional RADIUS server associated with the user's 
home region; comparing the user identifying information in the access request with user 
identifying information stored in a regional user database accessible to the regional 
RADIUS server; and if the user identifying information in the access request matches the 
stored user identifying information, then: authenticating the user; and providing 
configuration information to the NAS to allow access to a network of the home region" is 
shown in ; 362 col. 4, line 55 through col, 5, line 25 "In yet another aspect, a method is provided 
for authenticating a mobile node for network access. In accordance with the method, a 
registration request message is generated and sent from a foreign agent to a home registration 
agent. The registration request message contains information used to determine whether said 
mobile node is authorized to access a network, such as the mobile device's unique International 
Mobile Subscriber Identity (IMSI) number and/or its Electronic Serial Number (ESN). The 
home registration agent then determines from the information in the registration request message 
whether the mobile node is permitted to access the network. This step may be performed with 
the assistance of a authorization, authentication and accounting server, e.g., a RADIUS server. 
The home registration agent then generates a registration reply message and sends the 
registration; reply message from the home registration agent to the foreign agent" and col. 3, 
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lines 41-48 "such as a general purpose computer or network access server on the visited 
network"; 

the following is not disclosed in c 362: "determining from the home region identifying 
information whether the home region supports Lightweight Directory Access Protocol 
(LDAP) authentication; if the home region does not offer LDAP authentication, then" 

however £ 482 teaches in col. 4, lines 45-53 "According to the RADIUS protocol, like for other 
high-level protocols such as TACACS and LDAP, information is exchanged in the form of 
attributes. Each attribute has a unique attribute identifier and an attribute value". 

It would have been obvious to one of ordinary skill in the art at the time of the invention 
to modify a mobile Internet Protocol service provider taught in '362 to include a means to 
recognize the protocol used of the home service provider. One of ordinary skill in the art would 
have been motivated to perform such a modification to increase the ability to provide wireless 
Internet coverage see c 482 (col. 4, lines 1 et seq.) "Making any authentication procedure use the 
directory service is however not straightforward . . . they are not compatible with the protocols 
used for user authentication on the network, such as RADIUS and TACAS". 

As to dependent claim 30, "wherein the NAS functions as a client of the corporate 
RADIUS server" is taught in '362 col. 7, lines 39-60 "The wireless communication service 
provider may furnish all the basic elements for providing mobile DP services, ... Or, the entity 
may simpley provide home tunneling and home registration agents, and work with other entities 
that own or manage the foreign agents . . . Another example would be an AAA or RADIUS 
server" 
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As to dependent claim 31, "further comprising: if the home region offers LDAP 
authentication, then forwarding the access request to a regional LDAP database" is 

disclosed in £ 482 col. 3, lines 56-57 "The directory is accessible through a network client using 
the appropriate protocol (an LDAP client 12 in FIG. 1)". 

As to dependent claim 32, "further comprising comparing the user identifying 
information in the access request with user identifying information stored in a regional 
user- database accessible to the regional LDAP database" is shown in £ 482 col. 3, lines 58- 
62 "goal of the invention is to make any authentication procedure on the network use the 
authentication data stored in the directory. In this manner, since the same authentication data is 
accessible to all the authentication procedures, this authentication data in principle only needs to 
contain one user identifier and one password". 

As to independent claim 40, this claim is directed to the system of method claim 28 and 
is rejected along similar rationale. 

As to dependent claim 41, this claim contains substantially similar subject matter as 
dependent claims 29 and 30; therefore it is rejected along the same rationale. 

As to dependent claim 42, this claim contains substantially similar subject matter as 
dependent claim 3 1 ; therefore it is rejected along the same rationale. 

7. Claims 33-37, and 43 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
'362, in further view of '482 in further view of Liu et al., U.S. Patent No. 5,898,780 (hereinafter 

'780). 

As to dependent claim 33, the following is not taught in the combination of teachings of 
'362 and '482: "further comprising the regional LDAP database sending an "accept" 
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message if the user is in the regional LDAP database and a "deny" message if the user is 
not in the regional LDAP database" however '780 teaches "transmits a message to the server 
132 either stating that the user 144 should be granted or denied internet access" in col. 4, lines 
50-65 

It would have been obvious to one of ordinary skill in the art at the time of the invention 
to modify a mobile Internet Protocol service provider that uses LDAP data structure taught in 
'362 and '482 to include a means to recognize the home service provider. One of ordinary skill 
in the art would have been motivated to perform such a modification to increase the ability to 
provide wireless Internet coverage see c 780 (col. 1, lines 9 et seq.) "The apparatus of the 
present invention comprises a server or servers that can recognize the domain name of the home 
ISP". 

As to dependent claim 34, "wherein the user identifying information comprises a 
user name and password" is disclosed in '780 col. 4, lines 50-61 "Block 162 indicates that the 
server 1 36 includes software attempts to match the "roaming" login information in an entry in a 
lob table in the server 136". 

As to dependent claim 35, "wherein the home region identifying information 
comprises a component of the user name" is taught in '780 col. 1, lines 25-27 "the user logs 
on to the local network of the foreign internet service provider using an identifier that includes 
the user's identification term, an identification term for the server of the home ISP". 

As to dependent claim 36, "wherein the user name comprises an email address of 
the user" is shown in '780 col. 1, lines 3 1-33 "For example, the user might log o to the local 
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network of the local ISP by using a standard e-mail address such as jdoe@aimnet.com. Followed 
by the user's secret passAvord". 

As to dependent claim 37, "wherein comparing the user identifying information in 
the access request with user identifying information stored in a regional user database 
accessible to the regional RADIUS server comprises comparing the user password in the 
access request with a user password stored in a regional user database accessible to the 
regional RADIUS server" is disclosed in c 780 col. 4, lines 50-61 "Block 162 indicates that the 
server 136 includes software attempts to match the "roaming" login information in an entry in a 
lob table in the server 136". 

As to dependent claims 43 and 44, these claims contain substantially similar subject 
matter as dependent claims 33 and 34; therefore they arerejected along the same rationale. 
8. Claims 38, 39, 45, 46, and 47 are rejected under 35 U.S.C. 103(a) as being unpatentable 
over '362 in further view of '482, in further view of '780 and in further view of Xu et al., U.S. 
Patent No. 6,151,628 (hereinafter ? 628). 

As to dependent claim 38, the following is not taught in the combination '362, 482, and 
780: "wherein the user password comprises a first hashed value and wherein comparing 
the user password in the access request with a user password stored in a regional user 
database accessible to the regional RADIUS server comprises: determining at the regional 
RADIUS server a hashing algorithm used to create the first hashed value; obtaining the 
stored password in clear text format; applying the hashing algorithm to the clear text 
stored password to produce a second hashed value; and comparing the first hashed value 
to the second hash value" however '628 teaches "In a preferred network access embodiment of 
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the invention, a second phase authentication routine is employed to verify that the remote user is 
authorized to access the designated network. This is accomplished by conducting a password 
authentication procedure such PAP or CHAP routine both of which are known in the art 5 ' in col. 
9, lines 48-57. 

It would have been obvious to one of ordinary skill in the art at the time of the invention 
to modify a mobile Internet Protocol service provider which uses a LDAP data structure with 
ability to recognize ISP provider taught in the combination of '362, '482, and '780 to include a 
means provide additional security. One of ordinary skill in the art would have been motivated to 
perform such a modification to increase the ability of Internet service providers to serve many 
users see '628 (col. 2, lines 1 et seq.) "The present invention also provides for network access 
methods by which a network access server, in combination with one or more authentication 
servers, can provide Internet and corporate network authentication and access ". 

As to dependent claim 39, "wherein the hashing algorithm is CHAP" is taught in 
'628 col. 9, lines 48-57. 

As to dependent claim 45, 46, and 47, these claims contain substantially similar subject 
matter as dependent claims 38 and 39; therefore they are rejected along the same rationale. 

Conclusion 

9. The prior art made of record and not relied upon is considered pertinent to applicant's 
disclosure. 

RFC 2002, Network Working Group October 1996 

Open mobility management platform... 2-3 April 1998 

Service trading for mobile agents with LDAP... 17-19 June 1998 
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1 0. Any inquiry concerning this communication or earlier communications from the 

examiner should be directed to Ellen C Tran whose telephone number is 

(571) 272-3842. The examiner can normally be reached from 6:00 am to 1:30 pm. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's supervisor, 

Gregory A Morse can be reached on (571) 272-3838. The fax phone number for the 

organization where this application or proceeding is assigned is (571) 273-8300. 

Information regarding the status of an application may be obtained from the Patent Application 

Information Retrieval (PAIR) system. Status information for published applications may be 

obtained from either Private PAIR or Public PAIR. Status information for unpublished 

applications is available through Private PAIR only. For more information about the PAIR 

system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private 

PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). 

Ellen Tran 
Patent Examiner 
Technology Center 2134 
] 9 August 2005 
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